Strategies for protecting IMAP (e.g. MFA)

Tyler Montney montneytyler at gmail.com
Mon Nov 15 20:14:31 UTC 2021


> Probably because it can be complex to set up and maintain

Such is mail and many other things, which falls on the admins. I see no
harm in exploring what's what before deciding.

> and more would be gained by educating users

Yes, users are the weakest link. Users are also the biggest challenge.
Making them use 2FA on their phone? Easy.
Retraining them to think more like me? Very difficult (assuming you get
management buy-in).

Again, I'm trying to explore deploying an all "bells and whistles" mail
stack that can cater to both an enthusiast
environment (like myself) and one in a commercial/enterprise environment.
Not having 2FA like I could get from
cloud offerings may be a deal breaker for me.

> I personally find your style of quoting a bit irritating, especially
because you leave the whole original message intac

Gmail loves hiding the previous text with an ellipsis, making me not
realize.

> Why not quote in a manner we have successfully used for a couple of
decades?

I've just recently started using mailing lists, so replying is still a bit
awkward to me. (Probably be easier if we'd use forums.)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20211115/d845cc9d/attachment.htm>


More information about the dovecot mailing list